In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser. This has been patched in 2.0.0.

References

bugzilla.redhat.com/show_bug.cgi?id=1835772

nvd.nist.gov/vuln/detail/CVE-2020-11049

www.cve.org/CVERecord?id=CVE-2020-11049

cve 1

osv 4

veracode 1

cvelist 1

prion 1

debiancve 1

nvd 1

ubuntucve 1

openvas 5

ubuntu 2

nessus 17

almalinux 1

oraclelinux 2

redhat 2

centos 1

rocky 1

amazon 1

mageia 1

debian 1

cve

CVE-2020-11049

2020-05-07 20:15:12

osv

CVE-2020-11049

2020-05-07 20:15:12

Moderate: freerdp and vinagre security, bug fix, and enhancement update

2020-11-03 12:23:37

Moderate: freerdp and vinagre security, bug fix, and enhancement update

2020-11-03 12:23:37

veracode

Denial Of Service (DoS)

2020-10-01 03:56:25

cvelist

CVE-2020-11049 Out-of-bounds Read in FreeRDPrdp_read_share_control_header

2020-05-07 00:00:00

prion

Out-of-bounds

2020-05-07 20:15:00

debiancve

CVE-2020-11049

2020-05-07 20:15:12

nvd

CVE-2020-11049

2020-05-07 20:15:12

ubuntucve

CVE-2020-11049

2020-05-07 00:00:00

openvas

FreeRDP > 1.1.0 & < 2.0.0 Multiple Out-of-Bounds Read Vulnerabilities

2020-05-13 00:00:00

Ubuntu: Security Advisory (USN-4382-1)

2020-06-05 00:00:00

Ubuntu: Security Advisory (USN-4379-1)

2020-06-02 00:00:00

ubuntu

FreeRDP vulnerabilities

2020-06-04 00:00:00

FreeRDP vulnerabilities

2020-06-01 00:00:00

nessus

Ubuntu 16.04 LTS : FreeRDP vulnerabilities (USN-4382-1)

2020-06-05 00:00:00

Ubuntu 18.04 LTS / 20.04 LTS : FreeRDP vulnerabilities (USN-4379-1)

2020-06-02 00:00:00

CentOS 7 : freerdp (CESA-2020:4031)

2020-10-20 00:00:00

almalinux

Moderate: freerdp and vinagre security, bug fix, and enhancement update

2020-11-03 12:23:37

oraclelinux

freerdp security, bug fix, and enhancement update

2020-10-06 00:00:00

freerdp and vinagre security, bug fix, and enhancement update

2020-11-10 00:00:00

redhat

(RHSA-2020:4647) Moderate: freerdp and vinagre security, bug fix, and enhancement update

2020-11-03 12:23:37

(RHSA-2020:4031) Moderate: freerdp security, bug fix, and enhancement update

2020-09-29 07:53:01

centos

freerdp, libwinpr security update

2020-10-20 18:03:15

rocky

freerdp and vinagre security, bug fix, and enhancement update

2020-11-03 12:23:37

amazon

Medium: freerdp

2020-10-22 17:36:00

mageia

Updated freerdp/remmina packages fix security vulnerability

2020-08-01 02:25:42

debian

[SECURITY] [DLA 3606-1] freerdp2 security update

2023-10-07 18:09:17

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.004 Low

EPSS

Percentile

74.1%

JSON

Related for RH:CVE-2020-11049